added new glossary terms and updated onboarding faq (#14862)

added new glossary terms and updated onboarding faq
2022-05-31 17:01:34 -07:00 · 2022-05-31 17:01:34 -07:00 · 2e65f37b27
parent b5ca0b9b53
commit 2e65f37b27
2 changed files with 73 additions and 78 deletions
--- a/_data/glossary.yaml
+++ b/_data/glossary.yaml
@ -5,16 +5,13 @@ arm64: |
  ARM64 is the 64-bit extension of the ARM CPU architecture. arm64 architecture
  is used in Apple silicon machines.
 base image: |
-  A **base image** has no parent image specified in its Dockerfile. It is created
+  A **base image** has no parent image specified in its Dockerfile. It is created using a Dockerfile with the `FROM scratch` directive.
  using a Dockerfile with the `FROM scratch` directive.
 btrfs: |
  btrfs (B-tree file system) is a Linux [filesystem](#filesystem) that Docker
-  supports as a storage backend. It is a [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write)
+  supports as a storage backend. It is a [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) filesystem.
  filesystem.
 build: |
  build is the process of building Docker images using a [Dockerfile](#dockerfile).
-  The build uses a Dockerfile and a "context". The context is the set of files in the
+  The build uses a Dockerfile and a "context". The context is the set of files in the directory in which the image is built.
  directory in which the image is built.
 cgroups: |
  cgroups is a Linux kernel feature that limits, accounts for, and isolates
  the resource usage (CPU, memory, disk I/O, network, etc.) of a collection
@ -60,15 +57,21 @@ container: |
  - An execution environment
  - A standard set of instructions
-  The concept is borrowed from shipping containers, which define a standard to ship
+  The concept is borrowed from shipping containers, which define a standard to ship goods globally. Docker defines a standard to ship software.
-  goods globally. Docker defines a standard to ship software.
+container image: |
   Docker images are the basis of containers. An image is an ordered collection of root filesystem changes and the corresponding execution parameters for use within a container runtime. An image typically contains a union of layered filesystems stacked on top of each other.
 Docker: |
  The term Docker can refer to
-  - The Docker project as a whole, which is a platform for developers and sysadmins to
+  - The Docker project as a whole, which is a platform for developers and sysadmins to develop, ship, and run applications
-  develop, ship, and run applications
+  - The docker daemon process running on the host which manages images and containers (also called Docker Engine)
-  - The docker daemon process running on the host which manages images and containers
+Docker Business: |
-  (also called Docker Engine)
+  Docker Buisness is a [Docker subscription](#docker-subscription). Docker Business offers centralized management and advanced security features for enterprises that use Docker at scale. It empowers leaders to manage their Docker development environments and accelerate their secure software supply chain initiatives.
 Docker Desktop: |
  Docker Desktop is an easy-to-install, lightweight
  Docker development environment. Docker Desktop is available for [Mac](#docker-desktop-for-mac), [Windows](#docker-desktop-for-windows), and [Linux](#docker-desktop-for-linux), providing developers a consistent experience across platforms. Docker Desktop includes Docker Engine, Docker CLI client, Docker Compose, Docker Content Trust, Kubernetes, and Credential Helper.
  Docker Desktop works with your choice of development tools and languages and gives you access to a vast library of certified images and templates in Docker Hub. This enables development teams to extend their environment to rapidly auto-build, continuously integrate, and collaborate using a secure repository.
 Docker Desktop for Mac: |
  [Docker Desktop for Mac](/desktop/mac/) is an easy-to-install, lightweight
  Docker development environment designed specifically for the Mac. A native
@ -81,23 +84,33 @@ Docker Desktop for Windows: |
  easy-to-install, lightweight Docker development environment designed
  specifically for Windows systems that support WSL 2 and Microsoft Hyper-V.
  Docker Desktop for Windows uses WSL 2 or Hyper-V for
-  virtualization. Docker Desktop
+  virtualization. Docker Desktop for Windows is the best solution if you want to build, debug, test, package, and ship Dockerized applications from Windows machines.
  for Windows is the best solution if you want to build, debug, test, package, and
  ship Dockerized applications from Windows machines.
 Docker Desktop for Linux: |
-  [Docker Desktop for Linux](/desktop/linux/) is an an easy-to-install, lightweight
+  [Docker Desktop for Linux](/desktop/linux/) is an an easy-to-install, lightweight Docker development environment designed specifically for Linux machines. It's the best solution if you want to build, debug, test, package, and ship Dockerized applications on a Linux machine.
  Docker development environment designed specifically for Linux machines. It's the best solution if you want
  to build, debug, test, package, and ship Dockerized applications on a
  Linux machine.
 Docker Hub: |
-  The [Docker Hub](https://hub.docker.com/) is a centralized resource for working with
+  The [Docker Hub](https://hub.docker.com/) is a centralized resource for working with Docker and its components. It provides the following services:
  Docker and its components. It provides the following services:
  - A registry to host Docker images
  - User authentication
  - Automated image builds and workflow tools such as build triggers and web hooks
  - Integration with GitHub and Bitbucket
  - Security vulnerability scanning
 Docker ID: |
  Your free Docker ID grants you access to Docker Hub repositories and some beta programs. All you need is an email address.
 Docker Official Images: |
  The Docker Official Images are a curated set of Docker repositories hosted on [Docker Hub](#docker-hub). Docker, Inc. sponsors a dedicated team that is responsible for reviewing and publishing all content in the Docker Official Images. This team works in collaboration with upstream software maintainers, security experts, and the broader Docker community.
 Docker Personal: |
  Docker Personal is a [Docker subscription](#docker-subscription). With its focus on the open-source communities, individual developers, education, and small businesses, Docker Personal will continue to allow free use of Docker components - including the Docker CLI, Docker Compose, Docker Engine, Docker Desktop, Docker Hub, Kubernetes, Docker Build and Docker BuildKit, Docker Official Images, Docker Scan, and more.
 Docker Pro: |
  Docker Pro is a [Docker subscription](#docker-subscription). Docker Pro enables individual developers to get more control of their development environment and provides an integrated and reliable developer experience. It reduces the amount of time developers spend on mundane and repetitive tasks and empowers developers to spend more time creating value for their customers.
 Docker subscription: |
  Docker subscription tiers, sometimes referred to as plans, include [Personal](#docker-personal), [Pro](#docker-pro), [Team](#docker-team), and [Business](#docker-business). For more details, see [Docker subscription overview](/subscription/#docker-business).
 Docker Team: |
  Docker Team is a [Docker subscription](#docker-subscription). Docker Team offers capabilities for collaboration, productivity, and security across organizations. It enables groups of developers to unlock the full power of collaboration and sharing combined with essential security features and team management capabilities.
 Docker Trusted Content Program: |
  The Docker Trusted Content Program verifies content through four programs, [Docker Official Images](#docker-official-images), [Docker Verified Publisher Images](#docker-verified-publisher-images), Docker Open Source Images, and Custom Official Images.
 Docker Verified Publisher Images: |
  Docker Verified Publisher Images are confirmed by Docker to be from a trusted software publishers that are partners in the Verified Publisher program. Docker Verified Publisher Images are identified by the Verified Publisher badge included on the Docker Hub repositories.
 Dockerfile: |
  A Dockerfile is a text document that contains all the commands you would
  normally execute manually in order to build a Docker image. Docker can
@ -146,36 +159,35 @@ image: |
  execution parameters for use within a container runtime. An image typically
  contains a union of layered filesystems stacked on top of each other. An image
  does not have state and it never changes.
 invitee: |
  People who have been invited to join an [organization](#organization), but have not yet accepted their invitation.
 layer: |
-  In an image, a layer is modification to the image, represented by an instruction in the
+  In an image, a layer is modification to the image, represented by an instruction in the Dockerfile. Layers are applied in sequence to the base image to create the final image.
-  Dockerfile. Layers are applied in sequence to the base image to create the final image.
+  When an image is updated or rebuilt, only layers that change need to be updated, and unchanged layers are cached locally. This is part of why Docker images are so fast and lightweight. The sizes of each layer add up to equal the size of the final image.
  When an image is updated or rebuilt, only layers that change need to be updated, and
  unchanged layers are cached locally. This is part of why Docker images are so fast
  and lightweight. The sizes of each layer add up to equal the size of the final image.
 libcontainer: |
  libcontainer provides a native Go implementation for creating containers with
  namespaces, cgroups, capabilities, and filesystem access controls. It allows
  you to manage the lifecycle of the container performing additional operations
  after the container is created.
 libnetwork: |
-  libnetwork provides a native Go implementation for creating and managing container
+  libnetwork provides a native Go implementation for creating and managing container network namespaces and other network resources. It manages the networking lifecycle of the container performing additional operations after the container is created.
-  network namespaces and other network resources. It manages the networking lifecycle
+member: |
-  of the container performing additional operations after the container is created.
+  The people who have recieved and accepted invitations to join an [organization](#organization).
 namespace: |
  A [Linux namespace](https://man7.org/linux/man-pages/man7/namespaces.7.html)
-  is a Linux kernel feature that isolates and virtualizes system resources. Processes which are restricted to
+  is a Linux kernel feature that isolates and virtualizes system resources. Processes which are restricted to a namespace can only interact with resources or processes that are part of the same namespace. Namespaces
-  a namespace can only interact with resources or processes that are part of the same namespace. Namespaces
+  are an important part of Docker's isolation model. Namespaces exist for each type of resource, including `net` (networking), `mnt` (storage), `pid` (processes), `uts` (hostname control), and `user` (UID mapping). For more information about namespaces, see [Docker run reference](/engine/reference/run/) and [Isolate containers with a user namespace](/engine/security/userns-remap/).
  are an important part of Docker's isolation model. Namespaces exist for each type of
  resource, including `net` (networking), `mnt` (storage), `pid` (processes), `uts` (hostname control),
  and `user` (UID mapping). For more information about namespaces, see [Docker run reference](/engine/reference/run/) and [Isolate containers with a user namespace](/engine/security/userns-remap/).
 node: |
  A [node](/engine/swarm/how-swarm-mode-works/nodes/) is a physical or virtual
  machine running an instance of the Docker Engine in [swarm mode](#swarm-mode).
-  **Manager nodes** perform swarm management and orchestration duties. By default
+  **Manager nodes** perform swarm management and orchestration duties. By default manager nodes are also worker nodes.
  manager nodes are also worker nodes.
  **Worker nodes** execute tasks.
 organization: |
  An organization is a collection of teams and repositories that can be managed together. Docker users become members of an organization when they are assigned to at least one team in the organization.
 organization name: |
  The organization name, sometimes referred to as the Organization Namespace or the Org ID, is the unique identifier of a Docker organization.
 overlay network driver: |
  Overlay network driver provides out of the box multi-host network connectivity
  for Docker containers in a cluster.
@ -183,6 +195,8 @@ overlay storage driver: |
  OverlayFS is a [filesystem](#filesystem) service for Linux which implements a
  [union mount](https://en.wikipedia.org/wiki/Union_mount) for other file systems.
  It is supported by the Docker daemon as a storage driver.
 owners team: |
  The owners team is a special team created by default during the organization creation process. The owners team has full access to all repositories in the organization.
 parent image: |
  An image's **parent image** is the image designated in the `FROM` directive
  in the image's Dockerfile. All subsequent commands are based on this parent
@ -195,58 +209,43 @@ persistent storage: |
  persistent layer is not connected to the lifecycle of the container, allowing
  a user to retain state.
 registry: |
-  A Registry is a hosted service containing [repositories](#repository) of [images](#image)
+  A Registry is a hosted service containing [repositories](#repository) of [images](#image) which responds to the Registry API.
  which responds to the Registry API.
-  The default registry can be accessed using a browser at [Docker Hub](#docker-hub)
+  The default registry can be accessed using a browser at [Docker Hub](#docker-hub) or using the `docker search` command.
  or using the `docker search` command.
 repository: |
-  A repository is a set of Docker images. A repository can be shared by pushing it
+  A repository is a set of Docker images. A repository can be shared by pushing it to a [registry](#registry) server. The different images in the repository can be labeled using [tags](#tag).
  to a [registry](#registry) server. The different images in the repository can be
  labeled using [tags](#tag).
-  Here is an example of the shared [nginx repository](https://hub.docker.com/_/nginx/)
+  Here is an example of the shared [nginx repository](https://hub.docker.com/_/nginx/) and its [tags](https://hub.docker.com/r/library/nginx/tags/).
  and its [tags](https://hub.docker.com/r/library/nginx/tags/).
 SSH: |
  SSH (secure shell) is a secure protocol for accessing remote machines and applications.
-  It provides authentication and encrypts data communication over insecure networks such
+  It provides authentication and encrypts data communication over insecure networks such as the Internet. SSH uses public/private key pairs to authenticate logins.
-  as the Internet. SSH uses public/private key pairs to authenticate logins.
+seats: |
  The number of seats refers to the number of planned users within an [organization](#organization).
 service: |
-  A [service](/engine/swarm/how-swarm-mode-works/services/) is the definition of how
+  A [service](/engine/swarm/how-swarm-mode-works/services/) is the definition of how you want to run your application containers in a swarm. At the most basic level, a service  defines which container image to run in the swarm and which commands to run in the container. For orchestration purposes, the service defines the "desired state", meaning how many containers to run as tasks and constraints for deploying the containers.
  you want to run your application containers in a swarm. At the most basic level,
  a service  defines which container image to run in the swarm and which commands
  to run in the container. For orchestration purposes, the service defines the
  "desired state", meaning how many containers to run as tasks and constraints for
  deploying the containers.
  Frequently a service is a microservice within the context of some larger
  application. Examples of services might include an HTTP server, a database, or
  any other type of executable program that you wish to run in a distributed
  environment.
 service account: |
  A service account is a Docker ID used for automated management of container images or containerized applications. Service accounts are typically used in automated workflows, and do not share Docker IDs with the members in a Docker Team or Docker Business subscription plan.
 service discovery: |
-  Swarm mode [container discovery](/network/overlay/#container-discovery) is a DNS component
+  Swarm mode [container discovery](/network/overlay/#container-discovery) is a DNS component internal to the swarm that automatically assigns each service on an overlay network in the swarm a VIP and DNS entry. Containers on the network share DNS mappings for the service through gossip so any container on the network can access the service through its service name.
  internal to the swarm that automatically assigns each service on an overlay
  network in the swarm a VIP and DNS entry. Containers on the network share DNS
  mappings for the service through gossip so any container on the network can access
  the service through its service name.
-  You don’t need to expose service-specific ports to make the service available to
+  You don’t need to expose service-specific ports to make the service available to other services on the same overlay network. The swarm’s internal load balancer automatically distributes requests to the service VIP among the active tasks.
  other services on the same overlay network. The swarm’s internal load balancer
  automatically distributes requests to the service VIP among the active tasks.
 swarm: |
  A [swarm](/engine/swarm/) is a cluster of one or more Docker Engines running in [swarm mode](#swarm-mode).
 swarm mode: |
  [Swarm mode](/engine/swarm/) refers to cluster management and orchestration
-  features embedded in Docker Engine. When you initialize a new swarm (cluster) or
+  features embedded in Docker Engine. When you initialize a new swarm (cluster) or join nodes to a swarm, the Docker Engine runs in swarm mode.
  join nodes to a swarm, the Docker Engine runs in swarm mode.
 tag: |
  A tag is a label applied to a Docker image in a [repository](#repository).
  Tags are how various images in a repository are distinguished from each other.
 task: |
-  A [task](/engine/swarm/how-swarm-mode-works/services/#tasks-and-scheduling) is the
+  A [task](/engine/swarm/how-swarm-mode-works/services/#tasks-and-scheduling) is the atomic unit of scheduling within a swarm. A task carries a Docker container and the commands to run inside the container. Manager nodes assign tasks to worker nodes according to the number of replicas set in the service scale.
-  atomic unit of scheduling within a swarm. A task carries a Docker container and
+team: |
-  the commands to run inside the container. Manager nodes assign tasks to worker
+  A team is a group of Docker users that belong to an [organization](#organization). An organization can have multiple teams.
  nodes according to the number of replicas set in the service scale.
 Union file system: |
  Union file systems implement a [union
  mount](https://en.wikipedia.org/wiki/Union_mount) and operate by creating
@ -262,30 +261,24 @@ Union file system: |
  [OverlayFS](https://en.wikipedia.org/wiki/OverlayFS).
 virtual machine: |
  A virtual machine is a program that emulates a complete computer and imitates dedicated hardware.
-  It shares physical hardware resources with other users but isolates the operating system. The
+  It shares physical hardware resources with other users but isolates the operating system. The end user has the same experience on a Virtual Machine as they would have on dedicated hardware.
  end user has the same experience on a Virtual Machine as they would have on dedicated hardware.
-  Compared to containers, a virtual machine is heavier to run, provides more isolation,
+  Compared to containers, a virtual machine is heavier to run, provides more isolation, gets its own set of resources and does minimal sharing.
  gets its own set of resources and does minimal sharing.
  *Also known as : VM*
 volume: |
  A volume is a specially-designated directory within one or more containers
  that bypasses the Union File System. Volumes are designed to persist data,
-  independent of the container's life cycle. Docker therefore never automatically
+  independent of the container's life cycle. Docker therefore never automatically deletes volumes when you remove a container, nor will it "garbage collect" volumes that are no longer referenced by a container.
  deletes volumes when you remove a container, nor will it "garbage collect"
  volumes that are no longer referenced by a container.
  *Also known as: data volume*
  There are three types of volumes: *host, anonymous, and named*:
  - A **host volume** lives on the Docker host's filesystem and can be accessed from within the container.
-  - A **named volume** is a volume which Docker manages where on disk the volume is created,
+  - A **named volume** is a volume which Docker manages where on disk the volume is created, but it is given a name.
    but it is given a name.
-  - An **anonymous volume** is similar to a named volume, however, it can be difficult to refer to
+  - An **anonymous volume** is similar to a named volume, however, it can be difficult to refer to the same volume over time when it is an anonymous volume. Docker handles where the files are stored.
    the same volume over time when it is an anonymous volume. Docker handles where the files are stored.
 x86_64: |
  x86_64 (or x86-64) refers to a 64-bit instruction set invented by AMD as an
  extension of Intel's x86 architecture. AMD calls its x86_64 architecture,
--- a/docker-hub/onboarding-faqs.md
+++ b/docker-hub/onboarding-faqs.md
@ -11,6 +11,8 @@ services. All you need is an email address to create a Docker ID. Your Docker ID
 numbers and lowercase letters. You cannot use any special characters or spaces.
 For more information, see [Docker ID](../docker-id/index.md). If your admin enforces [Single sign-on (SSO)](../single-sign-on/index.md), a Docker ID is provisioned for new users.
 Developers may have multiple Docker IDs in order to separate their Docker IDs  that are associated with an organization in Docker Business, and their personal use Docker IDs. 
 ### What if my Docker ID is taken?
 All Docker IDs are first-come, first-served except for companies that have a US Trademark on a username. If you have a trademark for your namespace, [Docker Support](https://hub.docker.com/support/contact/){: target="_blank" rel="noopener"