docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #23021 from ctalledo/eci-k8s-custom-registry-note 

Adjust a note regarding Kubernetes custom registry images with ECI.
This commit is contained in:
Cesar Talledo 2025-07-08 00:04:02 -07:00 committed by GitHub
parent be57eec723
commit 6fbd921eed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
content/manuals/desktop/features/kubernetes.md
View File

@ -214,14 +214,16 @@ The recommended approach to set this up is the following:
> [!NOTE]
>
> When using `KubernetesImagesRepository` and [Enhanced Container Isolation (ECI)](../../security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md)
> In Docker Desktop versions 4.43 or earlier: when using `KubernetesImagesRepository` and [Enhanced Container Isolation (ECI)](../../security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md)
> is enabled, add the following images to the [ECI Docker socket mount image list](../../security/for-admins/hardened-desktop/settings-management/configure-json-file.md#enhanced-container-isolation):
>
> * [imagesRepository]/desktop-cloud-provider-kind:*
> * [imagesRepository]/desktop-containerd-registry-mirror:*
> `[imagesRepository]/desktop-cloud-provider-kind:*`
> `[imagesRepository]/desktop-containerd-registry-mirror:*`
>
> These containers mount the Docker socket, so you must add the images to the ECI images list. If not,
> ECI will block the mount and Kubernetes won't start.
> These containers mount the Docker socket, so you must add the images to the
> ECI images list. If not, ECI will block the mount and Kubernetes won't
> start. This does not apply to Docker Desktop 4.44 or later because it
> automatically allows these images to mount the Docker socket.
## Troubleshooting

13
content/manuals/security/for-admins/hardened-desktop/settings-management/configure-json-file.md
View File

@ -290,12 +290,17 @@ quit and reopened.
> [!NOTE]
>
> When using the `imagesRepository` setting and Enhanced Container Isolation (ECI), add the following images to the [ECI Docker socket mount image list](#enhanced-container-isolation):
> In Docker Desktop versions 4.43 or earlier: when using the `imagesRepository`
> setting and Enhanced Container Isolation (ECI), add the following images to
> the [ECI Docker socket mount image list](#enhanced-container-isolation):
>
> * [imagesRepository]/desktop-cloud-provider-kind:*
> * [imagesRepository]/desktop-containerd-registry-mirror:*
> `[imagesRepository]/desktop-cloud-provider-kind:*`
> `[imagesRepository]/desktop-containerd-registry-mirror:*`
>
> These containers mount the Docker socket, so you must add the images to the ECI images list. If not, ECI will block the mount and Kubernetes won't start.
> These containers mount the Docker socket, so you must add the images to the
> ECI images list. If not, ECI will block the mount and Kubernetes won't start.
> This does not apply to Docker Desktop 4.44 or later because it automatically
> allows these images to mount the Docker socket.
### Networking