mirror of
https://github.com/docker/docs.git
synced 2026-04-02 17:28:55 +07:00
ea559a29bb
* Sync published with master (#8693) (#8694)
* Adding Azure note (#8566)
* Revert "Netlify redirects interlock (#8595)"
* UCP Install on Azure Patch (#8522)
* Removed Orchestrator Tag Pre Req from Azure Docs
* Clarifying need for 0644 permissions
* Improved backup commands (#8597)
* Improved backup commands
DTR image backup command improvements:
1. Local and NFS mount image backup commands were invalid (incorrectly used -C flag). Replaced them with commands that work.
2. The new commands automatically populate the correct replica ID and add a datestamp to the backup filename.
DTR Metadata backup command improvements:
DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:
1. The prior metadata backup command was subject to user error. Improved the command to automatically collect the DTR version and select a replica.
2. Improved security of the command by automatically collecting UCP CA certificate for verification rather than using --ucp-insecure-tls flag.
3. Improved the backup filename by adding the backed-up version information and date of backup. Knowledge of the version information is required for restoring a backup.
4. Described these improvements for the user.
Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.
* Technical and editorial review
* More edits
* line 8; remove unnecessary a (#8672)
* line 8; remove unnecessary a
* Minor edit
* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)
* Added examples (#8599)
* Added examples
Added examples with more detail and automation to help customers backup DTR without creating support tickets.
* Linked to explanation of example command
@omegamormegil I removed the example with prepopulated fields, as I think it doesn't add much, and will only add confusion. Users who need this much detail can run the basic command and follow the terminal prompts.
We can re-add in a follow-up PR, if you think that example is crucial to this page.
* Remove deadlink in the Interlock ToC (#8668)
* Found a deadlink in the Interlock ToC
* Added Redirect
* Published (#8674)
* add slack webhook to Jenkinsfile
* make jenkinsfile serve private and public docs
After a couple of Jenkins-based mix-ups it became obvious we needed a Jenkinsfile that would serve both public and private projects, that we could move between repos without worry. This Jenkinsfile knows which images to build and push and which swarm services to update because of the use of git_url and branch conditions.
* Sync published with master (#8619)
* Update install.md
add note: 8 character password minimum length
* Include Ubuntu version in Dockerfile
more recent versions of Ubuntu don't work with the given Dockerfile
* Updated the 3.1.4 release notes to include Centos 7.6 support
* Remove redundant "be"
* Update the "role-based access control" link
On page "https://docs.docker.com/ee/ucp/user-access/", update the hyperlink "role-based access control" to point to "https://docs.docker.com/ee/ucp/authorization/" instead of "https://docs.docker.com/ee/access-control".
* Add UCP user password limitation
* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"
* Adding emphasis on Static IP requirement (#7276)
* Adding emphasis on Static IP requirement
We had a customer (00056641) who changed IPs like this all at once, and they are in a messy status. We should make it clear that static IP is absolutely required.
```***-ucp-0-dw original="10.15.89.6" updated="10.15.89.7"
***-ucp-1-dw original="10.15.89.5" updated="10.15.89.6"
***-ucp-2-dw original="10.15.89.7" updated="10.15.89.5" ```
* Link to prod requirement of static IP addresses
* Adding warning about layer7 config (#8617)
* Adding warning about layer7 config
Adding warning about layer7 config not being included in the backup
* Text edit
* Sync published with master (#8673)
* Revert "Netlify redirects interlock (#8595)"
This reverts commit a7793edc74.
* UCP Install on Azure Patch (#8522)
* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)
* Correct Pod-CIDR Warning
* Content cleanup
Please check that I haven't changed the meaning of the updated prerequisites.
* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.
* Incorporated Steven F's feedback and Issue 8551
* Provide a warning when setting a small IP Count variable
* Final edits
* Update install-on-azure.md
* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command
* Removed Orchestrator Tag Pre Req from Azure Docs
* Clarifying need for 0644 permissions
* Improved backup commands (#8597)
* Improved backup commands
DTR image backup command improvements:
1. Local and NFS mount image backup commands were invalid (incorrectly used -C flag). Replaced them with commands that work.
2. The new commands automatically populate the correct replica ID and add a datestamp to the backup filename.
DTR Metadata backup command improvements:
DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:
1. The prior metadata backup command was subject to user error. Improved the command to automatically collect the DTR version and select a replica.
2. Improved security of the command by automatically collecting UCP CA certificate for verification rather than using --ucp-insecure-tls flag.
3. Improved the backup filename by adding the backed-up version information and date of backup. Knowledge of the version information is required for restoring a backup.
4. Described these improvements for the user.
Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.
* Technical and editorial review
* More edits
* line 8; remove unnecessary a (#8672)
* line 8; remove unnecessary a
* Minor edit
* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)
* Added examples (#8599)
* Added examples
Added examples with more detail and automation to help customers backup DTR without creating support tickets.
* Linked to explanation of example command
@omegamormegil I removed the example with prepopulated fields, as I think it doesn't add much, and will only add confusion. Users who need this much detail can run the basic command and follow the terminal prompts.
We can re-add in a follow-up PR, if you think that example is crucial to this page.
* Remove deadlink in the Interlock ToC (#8668)
* Found a deadlink in the Interlock ToC
* Added Redirect
* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)
* Trying to fix command rendering of '--format "{{ .Names }}"'
--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.
* Fixed heading inconsistency
* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)
* Trying to fix command rendering of '--format "{{ .Names }}"'
--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.
* Update concatenated to chained
* Minor fix
* interlock --> ucp-interlock (#8675)
* interlock --> ucp-interlock
* Fixed code samples
- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable
* Typo
* Final syntax fix
* Update backup.md
* Removed Reference to Interlock Preview Image, and added relevant UCP Image Org and Tag
* Fix syntax error which caused the master build to fail
* docs: fix typo in removal of named volumes (#8686)
* Updated the ToC for Upgrading Interlock
* Removed the Previous Interlock SSL Page
* Moved Redirect to latest page
* Update index.md (#8690)
Fix typo - missing word.
* Update bind-mounts.md (#8696)
* Minor edits (#8708)
* Minor edits
- Standardized setting of replica ID as per @caervs
- Fix broken link
* Consistency edits
- Standardized setting of replica ID
- Added note that this command only works on Linux
* Standardize replica setting
- Update commands for creating tar files for local and NFS-mounted images
* Fixed broken 'important changes' link (#8721)
* Interlock fix - remove haproxy and custom template files (#8722)
* Removed haproxy and custom template info
* Delete file
* Delete file
* Render DTR version (#8726)
4.2 KiB
4.2 KiB
title, description, keywords, redirect_from
| title | description | keywords | redirect_from | |
|---|---|---|---|---|
| docker/dtr backup | Create a backup of DTR | dtr, cli, backup |
|
Create a backup of DTR
Usage
docker run -i --rm docker/dtr \
backup [command options] > backup.tar
Example Commands
Basic
docker run -i --rm --log-driver none docker/dtr:2.6.5 \
backup --ucp-ca "$(cat ca.pem)" --existing-replica-id 5eb9459a7832 > backup.tar
Advanced (with chained commands)
The following command has been tested on Linux:
{% raw %}
DTR_VERSION=$(docker container inspect $(docker container ps -f \
name=dtr-registry -q) | grep -m1 -Po '(?<=DTR_VERSION=)\d.\d.\d'); \
REPLICA_ID=$(docker inspect -f '{{.Name}}' $(docker ps -q -f name=dtr-rethink) | cut -f 3 -d '-')); \
read -p 'ucp-url (The UCP URL including domain and port): ' UCP_URL; \
read -p 'ucp-username (The UCP administrator username): ' UCP_ADMIN; \
read -sp 'ucp password: ' UCP_PASSWORD; \
docker run --log-driver none -i --rm \
--env UCP_PASSWORD=$UCP_PASSWORD \
docker/dtr:$DTR_VERSION backup \
--ucp-username $UCP_ADMIN \
--ucp-url $UCP_URL \
--ucp-ca "$(curl https://${UCP_URL}/ca)" \
--existing-replica-id $REPLICA_ID > \
dtr-metadata-${DTR_VERSION}-backup-$(date +%Y%m%d-%H_%M_%S).tar
{% endraw %}
For a detailed explanation on the advanced example, see
Back up your DTR metadata.
To learn more about the --log-driver option for docker run, see docker run reference.
Description
This command creates a tar file with the contents of the volumes used by
DTR, and prints it. You can then use docker/dtr restore to restore the data
from an existing backup.
Note:
-
This command only creates backups of configurations, and image metadata. It does not back up users and organizations. Users and organizations can be backed up during a UCP backup.
It also does not back up Docker images stored in your registry. You should implement a separate backup policy for the Docker images stored in your registry, taking into consideration whether your DTR installation is configured to store images on the filesystem or is using a cloud provider.
-
This backup contains sensitive information and should be stored securely.
-
Using the
--offline-backupflag temporarily shuts down the RethinkDB container. Take the replica out of your load balancer to avoid downtime.
Options
| Option | Environment Variable | Description |
|---|---|---|
--debug |
$DEBUG | Enable debug mode for additional logs. |
--existing-replica-id |
$DTR_REPLICA_ID | The ID of an existing DTR replica. To add, remove or modify a DTR replica, you must connect to an existing healthy replica's database. |
--help-extended |
$DTR_EXTENDED_HELP | Display extended help text for a given command. |
--offline-backup |
$DTR_OFFLINE_BACKUP | This flag takes RethinkDB down during backup and takes a more reliable backup. If you back up DTR with this flag, RethinkDB will go down during backup. However, offline backups are guaranteed to be more consistent than online backups. |
--ucp-ca |
$UCP_CA | Use a PEM-encoded TLS CA certificate for UCP. Download the UCP TLS CA certificate from https://<ucp-url>/ca, and use --ucp-ca "$(cat ca.pem)". |
--ucp-insecure-tls |
$UCP_INSECURE_TLS | Disable TLS verification for UCP. The installation uses TLS but always trusts the TLS certificate used by UCP, which can lead to MITM (man-in-the-middle) attacks. For production deployments, use --ucp-ca "$(cat ca.pem)" instead. |
--ucp-password |
$UCP_PASSWORD | The UCP administrator password. |
--ucp-url |
$UCP_URL | The UCP URL including domain and port. |
--ucp-username |
$UCP_USERNAME | The UCP administrator username. |