diff --git a/_scripts/fetch-upstream-resources.sh b/_scripts/fetch-upstream-resources.sh
index d90ff6e862..50b7e45303 100755
--- a/_scripts/fetch-upstream-resources.sh
+++ b/_scripts/fetch-upstream-resources.sh
@@ -1,11 +1,11 @@
#!/bin/sh
-# Fetches upstream resources from docker/docker and docker/distribution
+# Fetches upstream resources from docker/docker and distribution/distribution
# before handing off the site to Jekyll to build
# Relies on the "ENGINE_BRANCH" and "DISTRIBUTION_BRANCH" environment variables,
# which are usually set by the Dockerfile.
: "${ENGINE_BRANCH?No release branch set for docker/docker and docker/cli}"
-: "${DISTRIBUTION_BRANCH?No release branch set for docker/distribution}"
+: "${DISTRIBUTION_BRANCH?No release branch set for distribution/distribution}"
: "${COMPOSE_CLI_BRANCH?No release branch set for docker/compose-cli}"
# Translate branches for use by svn
@@ -23,10 +23,10 @@ if [ "${compose_cli_svn_branch}" = "branches/main" ]; then
fi
# Directories to get via SVN. We use this because you can't use git to clone just a portion of a repository
-svn co "https://github.com/docker/cli/${engine_svn_branch}/docs/extend" ./engine/extend || (echo "Failed engine/extend download" && exit 1)
-svn co "https://github.com/docker/docker/${engine_svn_branch}/docs/api" ./engine/api || (echo "Failed engine/api download" && exit 1)
-svn co "https://github.com/docker/compose-cli/${compose_cli_svn_branch}/docs" ./cloud || (echo "Failed compose-cli/docs download" && exit 1)
-svn co "https://github.com/docker/distribution/${distribution_svn_branch}/docs/spec" ./registry/spec || (echo "Failed registry/spec download" && exit 1)
+svn co "https://github.com/docker/cli/${engine_svn_branch}/docs/extend" ./engine/extend || (echo "Failed engine/extend download" && exit 1)
+svn co "https://github.com/docker/docker/${engine_svn_branch}/docs/api" ./engine/api || (echo "Failed engine/api download" && exit 1)
+svn co "https://github.com/docker/compose-cli/${compose_cli_svn_branch}/docs" ./cloud || (echo "Failed compose-cli/docs download" && exit 1)
+svn co "https://github.com/distribution/distribution/${distribution_svn_branch}/docs/spec" ./registry/spec || (echo "Failed registry/spec download" && exit 1)
# Fix up URls in swagger files
find ./engine/api -type f -name '*.yaml' | while read i; do sed -i 's#https://docs.docker.com/#/#g' "$i"; done;
@@ -35,12 +35,12 @@ find ./engine/api -type f -name '*.yaml' | while read i; do sed -i 's#https://do
find . -name ".svn" -print0 | xargs -0 /bin/rm -rf
# Get a few one-off files that we use directly from upstream
-wget --quiet --directory-prefix=./engine/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/deprecated.md" || (echo "Failed engine/deprecated.md download" && exit 1)
-wget --quiet --directory-prefix=./engine/reference/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/builder.md" || (echo "Failed engine/reference/builder.md download" && exit 1)
-wget --quiet --directory-prefix=./engine/reference/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/run.md" || (echo "Failed engine/reference/run.md download" && exit 1)
-wget --quiet --directory-prefix=./engine/reference/commandline/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/commandline/cli.md" || (echo "Failed engine/reference/commandline/cli.md download" && exit 1)
-wget --quiet --directory-prefix=./engine/reference/commandline/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/commandline/dockerd.md" || (echo "Failed engine/reference/commandline/dockerd.md download" && exit 1)
-wget --quiet --directory-prefix=./registry/ "https://raw.githubusercontent.com/docker/distribution/${DISTRIBUTION_BRANCH}/docs/configuration.md" || (echo "Failed registry/configuration.md download" && exit 1)
+wget --quiet --directory-prefix=./engine/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/deprecated.md" || (echo "Failed engine/deprecated.md download" && exit 1)
+wget --quiet --directory-prefix=./engine/reference/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/builder.md" || (echo "Failed engine/reference/builder.md download" && exit 1)
+wget --quiet --directory-prefix=./engine/reference/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/run.md" || (echo "Failed engine/reference/run.md download" && exit 1)
+wget --quiet --directory-prefix=./engine/reference/commandline/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/commandline/cli.md" || (echo "Failed engine/reference/commandline/cli.md download" && exit 1)
+wget --quiet --directory-prefix=./engine/reference/commandline/ "https://raw.githubusercontent.com/docker/cli/${ENGINE_BRANCH}/docs/reference/commandline/dockerd.md" || (echo "Failed engine/reference/commandline/dockerd.md download" && exit 1)
+wget --quiet --directory-prefix=./registry/ "https://raw.githubusercontent.com/distribution/distribution/${DISTRIBUTION_BRANCH}/docs/configuration.md" || (echo "Failed registry/configuration.md download" && exit 1)
# Remove things we don't want in the build
rm -f ./engine/extend/cli_plugins.md # the cli plugins api is not a stable API, and not included in the TOC for that reason.
diff --git a/cloud/ecs-integration.md b/cloud/ecs-integration.md
index dba8338251..d31479de79 100644
--- a/cloud/ecs-integration.md
+++ b/cloud/ecs-integration.md
@@ -489,6 +489,7 @@ x-aws-cloudformation:
Certificates:
- CertificateArn: "arn:aws:acm:certificate/123abc"
Protocol: HTTPS
+ Port: 443
```
## Using existing AWS network resources
diff --git a/compose/startup-order.md b/compose/startup-order.md
index a9b1a5e081..a628f5b3e8 100644
--- a/compose/startup-order.md
+++ b/compose/startup-order.md
@@ -29,7 +29,7 @@ need this level of resilience, you can work around the problem with a wrapper
script:
- Use a tool such as [wait-for-it](https://github.com/vishnubob/wait-for-it),
- [dockerize](https://github.com/jwilder/dockerize), sh-compatible
+ [dockerize](https://github.com/powerman/dockerize), sh-compatible
[wait-for](https://github.com/Eficode/wait-for), or [RelayAndContainers](https://github.com/jasonsychau/RelayAndContainers) template. These are small
wrapper scripts which you can include in your application's image to
poll a given host and port until it's accepting TCP connections.
diff --git a/config/containers/multi-service_container.md b/config/containers/multi-service_container.md
index 38396f01e0..566d879b5a 100644
--- a/config/containers/multi-service_container.md
+++ b/config/containers/multi-service_container.md
@@ -38,39 +38,16 @@ this in a few different ways.
#!/bin/bash
# Start the first process
- ./my_first_process -D
- status=$?
- if [ $status -ne 0 ]; then
- echo "Failed to start my_first_process: $status"
- exit $status
- fi
-
+ ./my_first_process &
+
# Start the second process
- ./my_second_process -D
- status=$?
- if [ $status -ne 0 ]; then
- echo "Failed to start my_second_process: $status"
- exit $status
- fi
-
- # Naive check runs checks once a minute to see if either of the processes exited.
- # This illustrates part of the heavy lifting you need to do if you want to run
- # more than one service in a container. The container exits with an error
- # if it detects that either of the processes has exited.
- # Otherwise it loops forever, waking up every 60 seconds
-
- while sleep 60; do
- ps aux |grep my_first_process |grep -q -v grep
- PROCESS_1_STATUS=$?
- ps aux |grep my_second_process |grep -q -v grep
- PROCESS_2_STATUS=$?
- # If the greps above find anything, they exit with 0 status
- # If they are not both 0, then something is wrong
- if [ $PROCESS_1_STATUS -ne 0 -o $PROCESS_2_STATUS -ne 0 ]; then
- echo "One of the processes has already exited."
- exit 1
- fi
- done
+ ./my_second_process &
+
+ # Wait for any process to exit
+ wait -n
+
+ # Exit with status of process that exited first
+ exit $?
```
Next, the Dockerfile:
diff --git a/docker-hub/image-access-management.md b/docker-hub/image-access-management.md
index 23fb3e3a5d..441f58d9de 100644
--- a/docker-hub/image-access-management.md
+++ b/docker-hub/image-access-management.md
@@ -2,15 +2,25 @@
description: Image Access Management
keywords: image, access, management
title: Image Access Management
+toc_max: 2
---
Image Access Management is a new feature that is a part of the Docker Business subscription. This feature allows Organization owners to control which types of images (Docker Official Images, Docker Verified Publisher Images, Community images) their developers can pull from Docker Hub.
For example, a developer, who is part of an organization, building a new containerized application could accidentally use an untrusted, community image as a component of their application. This image could be malicious and pose a security risk to the company. Using Image Access Management, the Organization owner could ensure that the developer can only access trusted content like Docker Official Images, Docker Verified Publisher Images, or the Organization’s own images, preventing such a risk.
-
## Configure Image Access Management permissions
+The following video walks you through the process of configuring Image Access Management permissions.
+
+
+
+
+
+### Detailed instructions
+
+To configure Image Access Management permissions, perform the following steps:
+
1. Log into your [Docker Hub](https://hub.docker.com) account as an organization administrator.
2. Select an organization, and navigate to the **Settings** tab on the **Organizations** page and click Org Permissions.
diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md
index 57cfcc5473..fd9c59ee93 100644
--- a/engine/install/ubuntu.md
+++ b/engine/install/ubuntu.md
@@ -16,9 +16,9 @@ title: Install Docker Engine on Ubuntu
toc_max: 4
---
-> **Scan your images for vulnerabilities**
+> **Docker Desktop for Linux**
>
-> Using open source components in your container images can introduce vulnerabilities. Run `docker scan` to start securing your images using Snyk. If you have a Docker Pro, Team, or a Business subscription, you can automatically scan images when you push an image to Docker Hub. See [Hub Vulnerability Scanning](../../docker-hub/vulnerability-scanning.md) for more information.
+> Docker Desktop helps you build, share, and run containers easily on Mac and Windows as you do on Linux. Docker handles the complex setup and allows you to focus on writing the code. Thanks to the positive support we received on the [subscription updates](https://www.docker.com/blog/updating-product-subscriptions/){: target="_blank" rel="noopener" class="_" id="dkr_docs_cta"}, we've started working on [Docker Desktop for Linux](https://www.docker.com/blog/accelerating-new-features-in-docker-desktop/){: target="_blank" rel="noopener" class="_" id="dkr_docs_cta"} which is the second-most popular feature request in our public roadmap. If you are interested in early access, sign up for our [Developer Preview program](https://www.docker.com/community/get-involved/developer-preview){: target="_blank" rel="noopener" class="_" id="dkr_docs_cta"}.
{: .important}
To get started with Docker Engine on Ubuntu, make sure you
diff --git a/storage/volumes.md b/storage/volumes.md
index 163b9e5079..61ea2088c8 100644
--- a/storage/volumes.md
+++ b/storage/volumes.md
@@ -578,6 +578,12 @@ the Docker Engine removes the `/foo` volume but not the `awesome` volume.
$ docker run --rm -v /foo -v awesome:/bar busybox top
```
+> **Note**:
+>
+> If another container binds the volumes with
+> `--volumes-from`, the volume definitions are _copied_ and the
+> anonymous volume also stays after the first container is removed.
+
### Remove all volumes
To remove all unused volumes and free up space: