Skip to content

Add 'docker network edit' command for updating network labels#6851

Open
atoniolo76 wants to merge 1 commit intodocker:masterfrom
atoniolo76:feature/network-edit
Open

Add 'docker network edit' command for updating network labels#6851
atoniolo76 wants to merge 1 commit intodocker:masterfrom
atoniolo76:feature/network-edit

Conversation

@atoniolo76
Copy link

@atoniolo76 atoniolo76 commented Mar 6, 2026

What

Adds a new `docker network edit` subcommand that allows updating the labels of an existing network:

```
docker network edit [OPTIONS] NETWORK

Options:
--label-add key=value Add or update a label
--label-rm key Remove a label by key
```

Example:
```bash

Add labels

docker network edit --label-add env=prod --label-add team=platform mynet

Remove a label

docker network edit --label-rm env mynet
```

Why

There is currently no way to update a network after creation without deleting and manually recreating it. Labels are a common mechanism for organizing and filtering resources (e.g. for monitoring, cost attribution, or tooling), and users need to be able to update them without tearing down the network.

The new command follows the same `--label-add` / `--label-rm` UX as `docker service update`, making it consistent with the rest of the CLI.

How

Because the Docker Engine API does not expose a `PATCH /networks/{id}` endpoint, this command implements the change client-side:

  1. Inspect the network to read its full current configuration
  2. Refuse to proceed if any containers are connected (active endpoints), printing their names and asking the user to disconnect them first
  3. Remove the network
  4. Recreate it with identical driver, IPAM, options, flags, and updated labels

Steps 3–4 are a narrow window where the network is absent; by requiring zero active endpoints beforehand, no running container loses connectivity.

Testing

Unit tests are added in `edit_test.go` covering:

  • Error when no flags are provided
  • Error when there are active endpoints
  • `--label-add` correctly merges new labels with existing ones
  • `--label-rm` correctly removes the specified label
  • The new network ID is printed to stdout after recreation

Limitations / Future work

  • IPAM configuration (subnets, gateways) cannot be changed in-place with this approach; a dedicated Engine API endpoint (`PATCH /networks/{id}`) would unlock richer mutations without the remove/recreate trade-off
  • Pre-existing labels applied by the daemon (e.g. `com.docker.*`) are preserved via the round-trip inspect

@atoniolo76
Add 'docker network edit' command for updating network labels
55455ff 
Adds a new 'docker network edit' subcommand that allows users to add or
remove labels on an existing network using --label-add and --label-rm
flags, consistent with the UX of 'docker service update'.

Because the Docker Engine API does not expose a network-update endpoint,
this command implements the change by inspecting the network, removing
it, and recreating it with identical configuration and updated labels.
To avoid disrupting connectivity the command refuses to operate on
networks that have active endpoints, instructing the user to disconnect
containers first.

Signed-off-by: Alessio Toniolo <atoniolo76@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@atoniolo76