Portainer: Capabilities support in swarm mode
Is your feature request related to a problem? Please describe.
At present it does not look like cap_add and cap_dropare supported via stack deploy on the ui when running in swarm mode.
When including this via compose yaml, the service will run but without the configured capabilities present.
As of docker-ce 20.10 these are now implemented up stream, and the service can be corrected via cli e.g
docker service update --cap-add NET_ADMIN someservicename
Describe the solution you'd like
Support cap_add within portainer stack deployment.
Describe alternatives you've considered
n/a
Additional context
This -may- be related to an issue highlighted over on the docker-ce repository here:
https://github.com/docker/cli/issues/2893
portainer version tested: v2.0.0
cbrherms
All 3 comments
A "me too" from the person who raised in docker/cli#2893.
Docker 20.10 introduced the ability to add/remove capabilities with swarm.
When deploying a stack that uses capabilities (e..g docker stack deploy --compose-file xxx.yml) the capabilities are correctly applied.
When deploying the same compose-file with Portainer, the capabilities are not added (confirmed using docker inspect xxx | jq '.[0].Spec.TaskTemplate.ContainerSpec.CapabilityAdd').
davehope
on 4 Jan 2021
FYI this is earmarked in our 2.2 release (end of March 2021).
We'll tackle this in two points:
- Add support for stacks that uses capabilities by upgrading the Docker binary to the latest version
- Update the Swarm services UI/UX to support capabilities
deviantony
on 4 Jan 2021
Just a FYI: the issue reported in https://github.com/docker/cli/issues/2893 should now be fixed in current versions of Docker Desktop
thaJeztah
on 22 Mar 2021
Related issues
himred
·
3Comments
youlu-cn
·
3Comments
neilqin
·
3Comments
xInsertx
·
4Comments
rnz
·
3Comments
Most helpful comment
FYI this is earmarked in our 2.2 release (end of March 2021).
We'll tackle this in two points: