From 798eeafff1450fb87b0894d8ea3693bb9dd163db Mon Sep 17 00:00:00 2001 From: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> Date: Fri, 11 Aug 2023 10:02:52 +0100 Subject: [PATCH] desktop freshness (#17887) * first batch * second batch * final batch * fix build * review edits * review edits --------- Co-authored-by: aevesdocker --- desktop/backup-and-restore.md | 1 + desktop/containerd/index.md | 24 +++---- desktop/dev-environments/create-dev-env.md | 4 +- desktop/dev-environments/dev-cli.md | 2 +- desktop/dev-environments/index.md | 3 +- desktop/feedback.md | 2 +- desktop/get-started.md | 23 +++---- .../enhanced-container-isolation/faq.md | 4 +- .../features-benefits.md | 10 +-- .../how-eci-works.md | 2 +- .../enhanced-container-isolation/index.md | 4 +- desktop/hardened-desktop/index.md | 4 +- .../settings-management/configure.md | 4 +- .../settings-management/index.md | 4 +- desktop/index.md | 15 ++--- desktop/install/archlinux.md | 9 +-- desktop/install/debian.md | 62 +++++++++---------- desktop/install/fedora.md | 9 +-- desktop/install/linux-install.md | 13 ++-- desktop/install/mac-install.md | 35 +++++------ desktop/install/ubuntu.md | 1 + desktop/install/windows-install.md | 34 ++++------ desktop/kubernetes.md | 23 +++---- desktop/mac/permission-requirements.md | 30 ++++----- desktop/networking.md | 12 ++-- desktop/settings/linux.md | 12 ++-- desktop/settings/mac.md | 18 +++--- desktop/settings/windows.md | 18 +++--- desktop/troubleshoot/overview.md | 2 +- desktop/troubleshoot/topics.md | 24 +++---- desktop/troubleshoot/workarounds.md | 2 +- desktop/uninstall.md | 27 ++++---- desktop/use-desktop/container.md | 2 +- desktop/use-desktop/images.md | 24 +++---- desktop/use-desktop/index.md | 14 +++-- desktop/vm-vdi.md | 10 +-- desktop/wasm/index.md | 34 +++++----- desktop/windows/permission-requirements.md | 14 ++--- desktop/wsl/best-practices.md | 1 - 39 files changed, 266 insertions(+), 270 deletions(-) diff --git a/desktop/backup-and-restore.md b/desktop/backup-and-restore.md index c8258d59f5..f039d7160f 100644 --- a/desktop/backup-and-restore.md +++ b/desktop/backup-and-restore.md @@ -9,6 +9,7 @@ computer, for example. > Should I back up my containers? > > If you use volumes or bind-mounts to store your container data, backing up your containers may not be needed, but make sure to remember the options that were used when creating the container or use a [Docker Compose file](../compose/compose-file/index.md) if you want to re-create your containers with the same configuration after re-installation. +{: .tip} ## Save your data diff --git a/desktop/containerd/index.md b/desktop/containerd/index.md index 1b5ca20603..982133f996 100644 --- a/desktop/containerd/index.md +++ b/desktop/containerd/index.md @@ -15,6 +15,7 @@ image and file system management in the Docker Engine. > [Beta](../../release-lifecycle.md/#beta). We recommend that you do not use > this feature in production environments as this feature may change or be > removed from future releases. +{: .experimental} ## What is the containerd image store? @@ -43,27 +44,26 @@ Docker Engine, including: The image store integration is still at an early stage, so not all features are yet supported. -## Enabling the containerd image store feature +## Turn on the containerd image store feature -> **Note** -> -> After switching to the containerd image store, images and containers from the -> default image store won't be visible. All of those containers and images -> still exist. To see them again, turn off the containerd image store feature. - -The containerd image store beta feature is off by default. +The containerd image store beta feature is turned off by default. To start using the feature: 1. Navigate to **Settings**. -2. Select the **Experimental** features tab. +2. Select the **Beta** features tab. 3. Next to **Use containerd for pulling and storing images**, select the checkbox. -To turn off this feature, clear the **Use containerd for pulling and storing +To turn off this feature, clear the **Use containerd for pulling and storing images** checkbox. -![containerd feature](../images/containerd_feature_activation.png){:width="750px"} +> **Tip** +> +> After switching to the containerd image store, images and containers from the +> default image store won't be visible. All of those containers and images +> still exist. To see them again, turn off the containerd image store feature. +{: .tip} ## Building multi-platform images @@ -97,7 +97,7 @@ $ docker buildx build --quiet \ ERROR: docker exporter does not currently support exporting manifest lists ``` -Enabling the containerd image store lets you build, and load, multi-platform images +Turning on the containerd image store lets you build, and load, multi-platform images to your local image store, all while using the default builder. {% raw %} diff --git a/desktop/dev-environments/create-dev-env.md b/desktop/dev-environments/create-dev-env.md index 54f7d4b757..801392e61d 100644 --- a/desktop/dev-environments/create-dev-env.md +++ b/desktop/dev-environments/create-dev-env.md @@ -10,7 +10,7 @@ redirect_from: You can launch a dev environment from a: - Git repository - Branch or tag of a Git repository -- Subfolder of a Git repository +- Sub-folder of a Git repository - Local folder This does not conflict with any of the local files or local tooling set up on your host. @@ -22,7 +22,7 @@ This does not conflict with any of the local files or local tooling set up on yo ## Prerequisites -Dev Environments is available as part of Docker Desktop 3.5.0 release. Download and install **Docker Desktop 3.5.0** or higher: +Dev Environments is available as part of Docker Desktop 3.5.0 release. Download and install **Docker Desktop 3.5.0** or later: - [Docker Desktop](../release-notes.md) diff --git a/desktop/dev-environments/dev-cli.md b/desktop/dev-environments/dev-cli.md index ae984a8c10..3964216b05 100644 --- a/desktop/dev-environments/dev-cli.md +++ b/desktop/dev-environments/dev-cli.md @@ -7,7 +7,7 @@ title: Use the docker dev CLI plugin Use the new `docker dev` CLI plugin to get the full Dev Environments experience from the terminal in addition to the Dashboard. -It is available with [Docker Desktop 4.13.0 or later](../release-notes.md). +It is available with [Docker Desktop 4.13.0 and later](../release-notes.md). ### Usage diff --git a/desktop/dev-environments/index.md b/desktop/dev-environments/index.md index b2d3e795e2..9a8a02c1f5 100644 --- a/desktop/dev-environments/index.md +++ b/desktop/dev-environments/index.md @@ -1,13 +1,14 @@ --- description: Dev Environments keywords: Dev Environments, share, local, Compose -title: Overview +title: Overview of Dev Environments --- {% include dev-envs-changing.md %} > **Beta** > > The Dev Environments feature is currently in [Beta](../../release-lifecycle.md#beta). We recommend that you do not use this in production environments. +{: .experimental} Dev Environments let you create a configurable developer environment with all the code and tools you need to quickly get up and running. diff --git a/desktop/feedback.md b/desktop/feedback.md index 1391f6d1bc..f5b75fbae1 100644 --- a/desktop/feedback.md +++ b/desktop/feedback.md @@ -8,7 +8,7 @@ There are many ways you can provide feedback on Docker Desktop or Docker Desktop #### In-product feedback -On each Docker Dashboard view, there is a **Give feedback** link. This sends you to a Google Feedback form where you can share your feedback and ideas. +On each Docker Dashboard view, there is a **Give feedback** link. This sends you to a Google feedback form where you can share your feedback and ideas. #### Feedback via Docker Community forums diff --git a/desktop/get-started.md b/desktop/get-started.md index 4875af8c64..16788b6fa7 100644 --- a/desktop/get-started.md +++ b/desktop/get-started.md @@ -1,7 +1,7 @@ --- description: Explore the Learning center and understand the benefits of signing in to Docker Desktop keywords: Docker Dashboard, manage, containers, gui, dashboard, images, user manual, learning center, guide, sign in -title: Learning Center and sign in +title: Explore the Learning center and sign in to Docker Desktop redirect_from: - /desktop/linux/ - /desktop/linux/index/ @@ -27,11 +27,11 @@ redirect_from: - /winkit/getting-started/ --- -## Learning Center +## Learning center -The Learning Center helps you get started with quick in-app walkthroughs and other resources for learning about Docker. +The Learning center helps you get started with quick in-app walkthroughs and other resources for learning about Docker. -To access the Learning Center, select the **Learning Center** tab in Docker +To access the Learning center, select the **Learning center** view in Docker Desktop. ![Learning Center](images/learning-center.png) @@ -43,9 +43,9 @@ For a more detailed guide about getting started, see Docker recommends that you authenticate using the **Sign in** option in the top-right corner of the Docker Dashboard. -Once logged in, you can access your Docker Hub repositories directly from Docker Desktop. +Once signed in, you can access your Docker Hub repositories directly from Docker Desktop. -Authenticated users get a higher pull rate limit compared to anonymous users. For example, if you are authenticated, you get 200 pulls per 6 hour period, compared to 100 pulls per 6 hour period per IP address for anonymous users. For more information, see [Download rate limit](../docker-hub/download-rate-limit.md). +Authenticated users also get a higher pull rate limit compared to anonymous users. For example, if you are authenticated, you get 200 pulls per 6 hour period, compared to 100 pulls per 6 hour period per IP address for anonymous users. For more information, see [Download rate limit](../docker-hub/download-rate-limit.md). In large enterprises where admin access is restricted, administrators can [Configure registry.json to enforce sign-in](../docker-hub/configure-sign-in.md). Enforcing developers to authenticate through Docker Desktop also allows administrators to improve their organization’s security posture for containerized development by taking advantage of [Hardened Desktop](hardened-desktop/index.md). @@ -74,14 +74,14 @@ GnuPG needs to construct a user ID to identify your key. Real name: Molly Email address: molly@example.com You selected this USER-ID: - "Molly " + "Molly " Change (N)ame, (E)mail, or (O)kay/(Q)uit? O ... -pub rsa3072 2022-03-31 [SC] [expires: 2024-03-30] - -uid Molly -sub rsa3072 2022-03-31 [E] [expires: 2024-03-30] +pubrsa3072 2022-03-31 [SC] [expires: 2024-03-30] + +uid Molly +subrsa3072 2022-03-31 [E] [expires: 2024-03-30] ``` To initialize `pass`, run the following command using the public key generated from the previous command: @@ -108,6 +108,7 @@ Digest: sha256:3c6b73ce467f04d4897d7a7439782721fd28ec9bf62ea2ad9e81a5fb7fb3ff96 Status: Downloaded newer image for molly/privateimage:latest docker.io/molly/privateimage:latest ``` + ## What's next? - [Explore Docker Desktop](use-desktop/index.md) and its features. diff --git a/desktop/hardened-desktop/enhanced-container-isolation/faq.md b/desktop/hardened-desktop/enhanced-container-isolation/faq.md index 360466f171..1bebe9448a 100644 --- a/desktop/hardened-desktop/enhanced-container-isolation/faq.md +++ b/desktop/hardened-desktop/enhanced-container-isolation/faq.md @@ -52,12 +52,12 @@ as configured via Docker Desktop's **Settings** > **Resources** > **File Sharing It protects all containers launched by users via `docker create` and `docker run`. It does not yet protect Docker Desktop Kubernetes pods, ExtensioncContainers, and Dev Environments. -### Does Enhanced Container Isolation protect container launched prior to enabling ECI? +### Does Enhanced Container Isolation protect containers launched prior to enabling ECI? No. Containers created prior to switching on ECI are not protected. Therefore, we recommend removing all containers prior to switching on ECI. -### Does Enhanced Container Isolation affect performance of containers? +### Does Enhanced Container Isolation affect the performance of containers? Enhanced Container Isolation has very little impact on the performance of containers. The exception is for containers that perform lots of `mount` and diff --git a/desktop/hardened-desktop/enhanced-container-isolation/features-benefits.md b/desktop/hardened-desktop/enhanced-container-isolation/features-benefits.md index 3d171095a0..25078bfee1 100644 --- a/desktop/hardened-desktop/enhanced-container-isolation/features-benefits.md +++ b/desktop/hardened-desktop/enhanced-container-isolation/features-benefits.md @@ -4,7 +4,7 @@ title: Key features and benefits keywords: set up, enhanced container isolation, rootless, security, features, Docker Desktop --- -### Linux User Namespace on all Containers +### Linux User Namespace on all containers With Enhanced Container Isolation, all user containers leverage the [Linux user-namespace](https://man7.org/linux/man-pages/man7/user_namespaces.7.html){:target="_blank" rel="noopener" class="_"} for extra isolation. This means that the root user in the container maps to an unprivileged @@ -12,7 +12,7 @@ user in the Docker Desktop Linux VM. For example: -``` +```console $ docker run -it --rm --name=first alpine / # cat /proc/self/uid_map 0 100000 65536 @@ -26,7 +26,7 @@ range of 64K user IDs. The same applies to group IDs. Each container gets an exclusive range of mappings, managed by Sysbox. For example, if a second container is launched the mapping range is different: -``` +```console $ docker run -it --rm --name=second alpine / # cat /proc/self/uid_map 0 165536 65536 @@ -35,7 +35,7 @@ $ docker run -it --rm --name=second alpine In contrast, without Enhanced Container Isolation, the container's root user is in fact root on the host (aka "true root") and this applies to all containers: -``` +```console $ docker run -it --rm alpine / # cat /proc/self/uid_map 0 0 4294967295 @@ -48,7 +48,7 @@ Linux capabilities are constrained to resources within the container only, increasing isolation significantly compared to regular containers, both container-to-host and cross-container isolation. -### Privileged Containers Are Also Secured +### Privileged containers are also secured Privileged containers `docker run --privileged ...` are insecure because they give the container full access to the Linux kernel. That is, the container runs diff --git a/desktop/hardened-desktop/enhanced-container-isolation/how-eci-works.md b/desktop/hardened-desktop/enhanced-container-isolation/how-eci-works.md index 8ef40677ba..45c5a0cbf4 100644 --- a/desktop/hardened-desktop/enhanced-container-isolation/how-eci-works.md +++ b/desktop/hardened-desktop/enhanced-container-isolation/how-eci-works.md @@ -6,7 +6,7 @@ keywords: set up, enhanced container isolation, rootless, security >**Note** > ->Enhance Container Isolation is available to Docker Business customers only. +> Enhanced Container Isolation is available to Docker Business customers only. Enhanced Container Isolation hardens container isolation using the [Sysbox container runtime](https://github.com/nestybox/sysbox){:target="_blank" rel="noopener" class="_"}. Sysbox is a fork of the diff --git a/desktop/hardened-desktop/enhanced-container-isolation/index.md b/desktop/hardened-desktop/enhanced-container-isolation/index.md index 45cca26116..b238477296 100644 --- a/desktop/hardened-desktop/enhanced-container-isolation/index.md +++ b/desktop/hardened-desktop/enhanced-container-isolation/index.md @@ -10,7 +10,7 @@ title: What is Enhanced Container Isolation? Enhanced Container Isolation provides an additional layer of security to prevent malicious workloads running in containers from compromising Docker Desktop or the host. -It uses a variety of advanced techniques to harden container isolation, but without impacting developer productivity. It is available with [Docker Desktop 4.13.0 or later](../../release-notes.md). +It uses a variety of advanced techniques to harden container isolation, but without impacting developer productivity. It is available with [Docker Desktop 4.13.0 and later](../../release-notes.md). These techniques include: - Running all containers unprivileged through the Linux user-namespace, even those launched with the `--privileged` flag. This makes it harder for malicious container workloads to escape the container and infect the Docker Desktop VM and host. @@ -31,7 +31,7 @@ Enhanced Container Isolation ensures stronger container isolation and also locks - For organizations and developers that want to prevent container attacks and reduce vulnerabilities in developer environments. - For organizations that want to ensure stronger container isolation that is easy and intuitive to implement on developers' machines. -### What happens when Enhanced Container Isolation is enabled? +### What happens when Enhanced Container Isolation is turned on? When Enhanced Container Isolation is turned on, the following features are enabled: diff --git a/desktop/hardened-desktop/index.md b/desktop/hardened-desktop/index.md index 017aae994f..4c668cc953 100644 --- a/desktop/hardened-desktop/index.md +++ b/desktop/hardened-desktop/index.md @@ -1,5 +1,5 @@ --- -title: Hardened Docker Desktop +title: Overview of Hardened Docker Desktop description: Overview of what Hardened Docker Desktop is and its key features keywords: security, hardened desktop, enhanced container isolation, registry access management, settings management root access, admins, docker desktop, image access management --- @@ -7,7 +7,7 @@ keywords: security, hardened desktop, enhanced container isolation, registry acc > >Hardened Docker Desktop is available to Docker Business customers only. -Hardened Docker Desktop is a group of security features for Docker Desktop, designed to improve security of developer environments without impacting developer experience or productivity. +Hardened Docker Desktop is a group of security features for Docker Desktop, designed to improve the security of developer environments without impacting developer experience or productivity. It is for security conscious organizations who don’t give their users root or admin access on their machines, and who would like Docker Desktop to be within their organization’s centralized control. diff --git a/desktop/hardened-desktop/settings-management/configure.md b/desktop/hardened-desktop/settings-management/configure.md index c0638344a1..69a41c7027 100644 --- a/desktop/hardened-desktop/settings-management/configure.md +++ b/desktop/hardened-desktop/settings-management/configure.md @@ -117,7 +117,7 @@ The following `admin-settings.json` code and table provides an example of the re | `configurationFileVersion` | |Specifies the version of the configuration file format. | | `exposeDockerAPIOnTCP2375` | Windows only| Exposes the Docker API on a specified port. If `value` is set to true, the Docker API is exposed on port 2375. Note: This is unauthenticated and should only be enabled if protected by suitable firewall rules.| | `proxy` | |If `mode` is set to `system` instead of `manual`, Docker Desktop gets the proxy values from the system and ignores and values set for `http`, `https` and `exclude`. Change `mode` to `manual` to manually configure proxy servers. If the proxy port is custom, specify it in the `http` or `https` property, for example `"https": "http://myotherproxy.com:4321"`. The `exclude` property specifies a comma-separated list of hosts and domains to bypass the proxy. | -       `windowsDockerdPort` | Windows only | Exposes Docker Desktop's internal proxy locally on this port for the Windows Docker daemon to connect to. If it is set to 0, a random free port is chosen. If the value is greather than 0, use that exact value for the port. The default value is -1 which disables the option. Note: This is available for Windows containers only. | +       `windowsDockerdPort` | Windows only | Exposes Docker Desktop's internal proxy locally on this port for the Windows Docker daemon to connect to. If it is set to 0, a random free port is chosen. If the value is greater than 0, use that exact value for the port. The default value is -1 which disables the option. Note: This is available for Windows containers only. | | `enhancedContainerIsolation` | | If `value` is set to true, Docker Desktop runs all containers as unprivileged, via the Linux user-namespace, prevents them from modifying sensitive configurations inside the Docker Desktop VM, and uses other advanced techniques to isolate them. For more information, see [Enhanced Container Isolation](../enhanced-container-isolation/index.md).| | `linuxVM` | |Parameters and settings related to Linux VM options - grouped together here for convenience. | |        `wslEngineEnabled` | Windows only | If `value` is set to true, Docker Desktop uses the WSL 2 based engine. This overrides anything that may have been set at installation using the `--backend=` flag. @@ -125,7 +125,7 @@ The following `admin-settings.json` code and table provides an example of the re |       `vpnkitCIDR` | |Overrides the network range used for vpnkit DHCP/DNS for `*.docker.internal` | |`kubernetes`| | If `enabled` is set to true, a Kubernetes single-node cluster is started when Docker Desktop starts. If `showSystemContainers` is set to true, Kubernetes containers are displayed in the UI and when you run `docker ps`. `imagesRepository` allows you to specify which repository Docker Desktop pulls the Kubernetes images from. For example, `"imagesRepository": "registry-1.docker.io/docker"`. | | `windowsContainers` | | Parameters and settings related to `windowsContainers` options - grouped together here for convenience. | -|        `dockerDaemonOptions` | | Overrides the options in the linux daemon config file. See the [Docker Engine reference](/engine/reference/commandline/dockerd/#daemon-configuration-file).| | +|        `dockerDaemonOptions` | | Overrides the options in the Linux daemon config file. See the [Docker Engine reference](/engine/reference/commandline/dockerd/#daemon-configuration-file).| | |`disableUpdate`| |If `value` is set to true, checking for and notifications about Docker Desktop updates is disabled.| |`analyticsEnabled`| |If `value` is set to false, Docker Desktop doesn't send usage statistics to Docker. | |`extensionsEnabled`| |If `value` is set to false, Docker extensions are disabled. | diff --git a/desktop/hardened-desktop/settings-management/index.md b/desktop/hardened-desktop/settings-management/index.md index 6c4d78793b..4ef8ab902a 100644 --- a/desktop/hardened-desktop/settings-management/index.md +++ b/desktop/hardened-desktop/settings-management/index.md @@ -11,7 +11,7 @@ Settings Management is a feature that helps admins to control certain Docker Des With a few lines of JSON, admins can configure controls for Docker Desktop settings such as proxies and network settings. For an extra layer of security, admins can also use Settings Management to enable and lock in [Enhanced Container Isolation](../enhanced-container-isolation/index.md) which ensures that any configurations set with Settings Management cannot be modified by containers. -It is available with [Docker Desktop 4.13.0 or later](../../release-notes.md). +It is available with [Docker Desktop 4.13.0 and later](../../release-notes.md). ### Who is it for? @@ -29,7 +29,7 @@ Values that are set to `locked: true` within the `admin-settings.json` override Using the `admin-settings.json` file, admins can: -- Enable and lock in [Enhanced Container Isolation](../enhanced-container-isolation/index.md) +- Turn on and lock in [Enhanced Container Isolation](../enhanced-container-isolation/index.md) - Configure HTTP proxies - Configure network settings - Configure Kubernetes settings diff --git a/desktop/index.md b/desktop/index.md index 090ce24aa6..181858b5b0 100644 --- a/desktop/index.md +++ b/desktop/index.md @@ -1,7 +1,7 @@ --- description: Explore more of Docker Desktop, what it has to offer, and its key features. Take the next step by downloading or find additional resources. keywords: how to use docker desktop, what is docker desktop used for, what does docker desktop do, using docker desktop -title: Docker Desktop +title: Overview of Docker Desktop redirect_from: - /desktop/opensource/ - /docker-for-mac/dashboard/ @@ -11,9 +11,9 @@ redirect_from: --- Docker Desktop is a one-click-install application for your Mac, Linux, or Windows environment -that enables you to build and share containerized applications and microservices. +that lets you build, share, and run containerized applications and microservices. -It provides a straightforward GUI (Graphical User Interface) that lets you manage your containers, applications, and images directly from your machine. Docker Desktop can be used either on it's own or as a complementary tool to the CLI. +It provides a straightforward GUI (Graphical User Interface) that lets you manage your containers, applications, and images directly from your machine. Docker Desktop can be used either on its own or as a complementary tool to the CLI. Docker Desktop reduces the time spent on complex setups so you can focus on writing code. It takes care of port mappings, file system concerns, and other default settings, and is regularly updated with bug fixes and security updates. @@ -42,8 +42,9 @@ Docker Desktop reduces the time spent on complex setups so you can focus on writ - [Docker Engine](../engine/index.md) - Docker CLI client - [Docker Buildx](../build/index.md) -- [Extensions](extensions/index.md) +- [Docker Extensions](extensions/index.md) - [Docker Compose](../compose/index.md) +- [Docker Scout](../scout/index.md) - [Docker Content Trust](../engine/security/trust/index.md) - [Kubernetes](https://github.com/kubernetes/kubernetes/) - [Credential Helper](https://github.com/docker/docker-credential-helpers/) @@ -64,7 +65,7 @@ Docker Desktop reduces the time spent on complex setups so you can focus on writ Docker Desktop works with your choice of development tools and languages and gives you access to a vast library of certified images and templates in -[Docker Hub](https://hub.docker.com/). This enables development teams to extend +[Docker Hub](https://hub.docker.com/). This allows development teams to extend their environment to rapidly auto-build, continuously integrate, and collaborate using a secure repository. @@ -77,7 +78,7 @@ using a secure repository. Download and install

Install Docker Desktop

-

On Mac , Windows or Linux

+

On Mac , Windows, or Linux

@@ -116,7 +117,7 @@ using a secure repository. Additional resources

Find additional resources

-

Find information on networking features, deploying on Kuberntes and more.

+

Find information on networking features, deploying on Kuberntes, and more.

diff --git a/desktop/install/archlinux.md b/desktop/install/archlinux.md index 2c2b1b17dd..9fcabceac5 100644 --- a/desktop/install/archlinux.md +++ b/desktop/install/archlinux.md @@ -1,7 +1,7 @@ --- description: Instructions for installing Docker Desktop Arch package. Mostly meant for hackers who want to try out Docker Desktop on a variety of Arch-based distributions. keywords: Arch Linux, install, uninstall, upgrade, update, linux, desktop, docker desktop, docker desktop for linux, dd4l -title: Install on Arch-based distributions +title: Install Docker Desktop on Arch-based distributions redirect_from: - /desktop/linux/install/archlinux/ --- @@ -33,9 +33,9 @@ $ sudo pacman -S gnome-terminal 4. Install the package: -```console -$ sudo pacman -U ./docker-desktop--.pkg.tar.zst -``` + ```console + $ sudo pacman -U ./docker-desktop--.pkg.tar.zst + ``` ## Launch Docker Desktop @@ -44,4 +44,5 @@ $ sudo pacman -U ./docker-desktop--.pkg.tar.zst ## Next steps - Take a look at the [Get started](../../get-started/index.md) training modules to learn how to build an image and run it as a containerized application. +- [Explore Docker Desktop](../use-desktop/index.md) and all its features. - Review the topics in [Develop with Docker](../../develop/index.md) to learn how to build new applications using Docker. diff --git a/desktop/install/debian.md b/desktop/install/debian.md index 0ed5db7181..712e5dfec6 100644 --- a/desktop/install/debian.md +++ b/desktop/install/debian.md @@ -1,7 +1,7 @@ --- description: Instructions for installing Docker Desktop on Debian keywords: debian, install, uninstall, upgrade, update, linux, desktop, docker desktop, docker desktop for linux, dd4l -title: Install on Debian +title: Install Docker Desktop on Debian toc_max: 4 redirect_from: - /desktop/linux/install/debian/ @@ -21,30 +21,29 @@ To install Docker Desktop successfully, you must: - Have a 64-bit version of Debian 11. - Uninstall the tech preview or beta version of Docker Desktop for Linux. Run: -```console -$ sudo apt remove docker-desktop -``` + ```console + $ sudo apt remove docker-desktop + ``` -For a complete cleanup, remove configuration and data files at `$HOME/.docker/desktop`, the symlink at `/usr/local/bin/com.docker.cli`, and purge -the remaining systemd service files. + For a complete cleanup, remove configuration and data files at `$HOME/.docker/desktop`, the symlink at `/usr/local/bin/com.docker.cli`, and purge the remaining systemd service files. -```console -$ rm -r $HOME/.docker/desktop -$ sudo rm /usr/local/bin/com.docker.cli -$ sudo apt purge docker-desktop -``` + ```console + $ rm -r $HOME/.docker/desktop + $ sudo rm /usr/local/bin/com.docker.cli + $ sudo apt purge docker-desktop + ``` -> **Note** -> -> If you have installed the Docker Desktop for Linux tech preview or beta version, you need to remove all files that were generated by those packages (eg. `~/.config/systemd/user/docker-desktop.service`, `~/.local/share/systemd/user/docker-desktop.service`). + > **Note** + > + > If you have installed the Docker Desktop for Linux tech preview or beta version, you need to remove all files that were generated by those packages (eg. `~/.config/systemd/user/docker-desktop.service`, `~/.local/share/systemd/user/docker-desktop.service`). -For a Gnome Desktop environment, you must also install AppIndicator and KStatusNotifierItem [Gnome extensions](https://extensions.gnome.org/extension/615/appindicator-support/){:target="_blank" rel="noopener" class="_"}. +- For a Gnome Desktop environment, you must also install AppIndicator and KStatusNotifierItem [Gnome extensions](https://extensions.gnome.org/extension/615/appindicator-support/){:target="_blank" rel="noopener" class="_"}. -For non-Gnome Desktop environments, `gnome-terminal` must be installed: +- For non-Gnome Desktop environments, `gnome-terminal` must be installed: -```console -$ sudo apt install gnome-terminal -``` + ```console + $ sudo apt install gnome-terminal + ``` ## Install Docker Desktop @@ -56,19 +55,19 @@ Recommended approach to install Docker Desktop on Debian: 3. Install the package with apt as follows: -```console -$ sudo apt-get update -$ sudo apt-get install ./docker-desktop--.deb -``` + ```console + $ sudo apt-get update + $ sudo apt-get install ./docker-desktop--.deb + ``` -> **Note** -> -> At the end of the installation process, `apt` displays an error due to installing a downloaded package. You -> can ignore this error message. -> -> ``` -> N: Download is performed unsandboxed as root, as file '/home/user/Downloads/docker-desktop.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) -> ``` + > **Note** + > + > At the end of the installation process, `apt` displays an error due to installing a downloaded package. You + > can ignore this error message. + > + > ``` + > N: Download is performed unsandboxed as root, as file '/home/user/Downloads/docker-desktop.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) + > ``` There are a few post-install configuration steps done through the post-install script contained in the deb package. @@ -95,4 +94,5 @@ $ sudo apt-get install ./docker-desktop--.deb ## Next steps - Take a look at the [Get started](../../get-started/index.md) training modules to learn how to build an image and run it as a containerized application. +- [Explore Docker Desktop](../use-desktop/index.md) and all its features. - Review the topics in [Develop with Docker](../../develop/index.md) to learn how to build new applications using Docker. diff --git a/desktop/install/fedora.md b/desktop/install/fedora.md index 45ab55445b..e0b20d5112 100644 --- a/desktop/install/fedora.md +++ b/desktop/install/fedora.md @@ -1,7 +1,7 @@ --- description: Instructions for installing Docker Desktop on Fedora keywords: fedora, rpm, update install, uninstall, upgrade, update, linux, desktop, docker desktop, docker desktop for linux, dd4l -title: Install on Fedora +title: Install Docker Desktop on Fedora toc_max: 4 redirect_from: - /desktop/linux/install/fedora/ @@ -36,9 +36,9 @@ To install Docker Desktop on Fedora: 3. Install the package with dnf as follows: -```console -$ sudo dnf install ./docker-desktop--.rpm -``` + ```console + $ sudo dnf install ./docker-desktop--.rpm + ``` There are a few post-install configuration steps done through the post-install script contained in the RPM package. @@ -66,4 +66,5 @@ $ sudo dnf install ./docker-desktop--.rpm ## Next steps - Take a look at the [Get started](../../get-started/index.md) training modules to learn how to build an image and run it as a containerized application. +- [Explore Docker Desktop](../use-desktop/index.md) and all its features. - Review the topics in [Develop with Docker](../../develop/index.md) to learn how to build new applications using Docker. diff --git a/desktop/install/linux-install.md b/desktop/install/linux-install.md index cdd5308d65..d74eb79b4b 100644 --- a/desktop/install/linux-install.md +++ b/desktop/install/linux-install.md @@ -42,8 +42,8 @@ Docker supports Docker Desktop on the current LTS release of the aforementioned To install Docker Desktop successfully, your Linux host must meet the following general requirements: - 64-bit kernel and CPU support for virtualization. -- KVM virtualization support. Follow the [KVM virtualization support instructions](#kvm-virtualization-support) to check if the KVM kernel modules are enabled and how to provide access to the kvm device. -- **QEMU must be version 5.2 or newer**. We recommend upgrading to the latest version. +- KVM virtualization support. Follow the [KVM virtualization support instructions](#kvm-virtualization-support) to check if the KVM kernel modules are enabled and how to provide access to the KVM device. +- QEMU must be version 5.2 or later. We recommend upgrading to the latest version. - systemd init system. - Gnome, KDE, or MATE Desktop environment. - For many Linux distros, the Gnome environment does not support tray icons. To add support for tray icons, you need to install a Gnome extension. For example, [AppIndicator](https://extensions.gnome.org/extension/615/appindicator-support/){:target="_blank" rel="noopener" class="_"}. @@ -53,7 +53,7 @@ To install Docker Desktop successfully, your Linux host must meet the following Docker Desktop for Linux runs a Virtual Machine (VM). For more information on why, see [Why Docker Desktop for Linux runs a VM](../faqs/linuxfaqs.md#why-does-docker-desktop-for-linux-run-a-vm). -> **Note:** +> **Note** > > Docker does not provide support for running Docker Desktop in nested virtualization scenarios. We recommend that you run Docker Desktop for Linux natively on supported distributions. @@ -107,7 +107,7 @@ Add your user to the kvm group in order to access the kvm device: $ sudo usermod -aG kvm $USER ``` -Log out and log back in so that your group membership is re-evaluated. +Sign out and sign back in so that your group membership is re-evaluated. ## Generic installation steps @@ -131,7 +131,7 @@ Make sure you meet the system requirements outlined earlier and follow the distr ![Docker app in Applications](images/docker-app-in-apps.png) -3. Select **Docker Desktop** to start Docker.
The Docker menu (![whale menu](images/whale-x.svg){: .inline}) displays the Docker Subscription Service Agreement window. +3. Select **Docker Desktop** to start Docker.
The Docker menu (![whale menu](images/whale-x.svg){: .inline}) displays the Docker Subscription Service Agreement. 4. Select **Accept** to continue. Docker Desktop starts after you accept the terms. @@ -142,9 +142,10 @@ Make sure you meet the system requirements outlined earlier and follow the distr ## Where to go next +- [Get started with Docker](../../get-started/index.md) provides a general Docker tutorial. +- [Explore Docker Desktop](../use-desktop/index.md) and all its features. - [Troubleshooting](../troubleshoot/overview.md) describes common problems, workarounds, how to run and submit diagnostics, and submit issues. - [FAQs](../faqs/general.md) provide answers to frequently asked questions. - [Release notes](../release-notes.md) lists component updates, new features, and improvements associated with Docker Desktop releases. -- [Get started with Docker](../../get-started/index.md) provides a general Docker tutorial. - [Back up and restore data](../backup-and-restore.md) provides instructions on backing up and restoring data related to Docker. diff --git a/desktop/install/mac-install.md b/desktop/install/mac-install.md index e0536d0072..0d3a0b42bd 100644 --- a/desktop/install/mac-install.md +++ b/desktop/install/mac-install.md @@ -12,7 +12,7 @@ redirect_from: - /desktop/mac/apple-silicon/ --- -This page contains information about system requirements, download URLs, and instructions on how to install Docker Desktop for Mac. +This page contains download URLs, information about system requirements, and instructions on how to install Docker Desktop for Mac. [Docker Desktop for Mac with Intel chip](https://desktop.docker.com/mac/main/amd64/Docker.dmg?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-mac-amd64){: .button .primary-btn } [Docker Desktop for Mac with Apple silicon](https://desktop.docker.com/mac/main/arm64/Docker.dmg?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-mac-arm64){: .button .primary-btn } @@ -27,8 +27,6 @@ This page contains information about system requirements, download URLs, and ins ## System requirements -Your Mac must meet the following requirements to install Docker Desktop successfully. -
@@ -66,13 +62,13 @@ You must meet the following requirements to successfully install Docker Desktop For Windows 10 and Windows 11 Home, see the system requirements in the [WSL 2 backend](#wsl-2-backend){: data-toggle="tab" data-target="#win-wsl2" } tab. -- Hyper-V and Containers Windows features must be enabled. +- Hyper-V and Containers Windows features must be turned on. - The following hardware prerequisites are required to successfully run Client Hyper-V on Windows 10: - 64 bit processor with [Second Level Address Translation (SLAT)](https://en.wikipedia.org/wiki/Second_Level_Address_Translation){: target="_blank" rel="noopener" class="_"} - 4GB system RAM - - BIOS-level hardware virtualization support must be enabled in the + - BIOS-level hardware virtualization support must be turned on in the BIOS settings. For more information, see [Virtualization](../troubleshoot/topics.md#virtualization). @@ -106,7 +102,7 @@ Looking for information on using Windows containers? > **Note** > > To run Windows containers, you need Windows 10 or Windows 11 Professional or Enterprise edition. -> Windows Home or Education editions will only allow you to run Linux containers. +> Windows Home or Education editions only allow you to run Linux containers. ## Install Docker Desktop on Windows @@ -114,21 +110,16 @@ Looking for information on using Windows containers? 1. Double-click **Docker Desktop Installer.exe** to run the installer. - If you haven't already downloaded the installer (`Docker Desktop Installer.exe`), you can get it from - [**Docker Hub**](https://hub.docker.com/editions/community/docker-ce-desktop-windows/){:target="_blank" rel="noopener" class="_"}. - It typically downloads to your `Downloads` folder, or you can run it from - the recent downloads bar at the bottom of your web browser. - 2. When prompted, ensure the **Use WSL 2 instead of Hyper-V** option on the Configuration page is selected or not depending on your choice of backend. If your system only supports one of the two options, you will not be able to select which backend to use. 3. Follow the instructions on the installation wizard to authorize the installer and proceed with the install. -4. When the installation is successful, click **Close** to complete the installation process. +4. When the installation is successful, select **Close** to complete the installation process. 5. If your admin account is different to your user account, you must add the user to the **docker-users** group. Run **Computer Management** as an **administrator** and navigate to **Local Users and Groups** > **Groups** > **docker-users**. Right-click to add the user to the group. - Log out and log back in for the changes to take effect. + Sign out and sign back in for the changes to take effect. ### Install from the command line @@ -183,20 +174,21 @@ Docker Desktop does not start automatically after installation. To start Docker ![Search for Docker app](images/docker-app-search.png){:width="300px"} -2. The Docker menu (![whale menu](images/whale-x.svg){: .inline}) displays the Docker Subscription Service Agreement window. +2. The Docker menu (![whale menu](images/whale-x.svg){: .inline}) displays the Docker Subscription Service Agreement. {% include desktop-license-update.md %} 3. Select **Accept** to continue. Docker Desktop starts after you accept the terms. - Note that Docker Desktop will not run if you do not agree to the terms. You can choose to accept the terms at a later date by opening Docker Desktop. + Note that Docker Desktop won't run if you do not agree to the terms. You can choose to accept the terms at a later date by opening Docker Desktop. For more information, see [Docker Desktop Subscription Service Agreement](https://www.docker.com/legal/docker-subscription-service-agreement/){:target="_blank" rel="noopener" class="_"}. We recommend that you also read the [FAQs](https://www.docker.com/pricing/faq){: target="\_blank" rel="noopener" class="*" id="dkr_docs_desktop_install_btl"}. ## Where to go next -* [Get started with Docker](/get-started/) is a tutorial that teaches you how to deploy a multi-service stack. +- [Get started with Docker](/get-started/) is a tutorial that teaches you how to deploy a multi-service stack. +- [Explore Docker Desktop](../use-desktop/index.md) and all its features. - [Troubleshooting](../troubleshoot/overview.md) describes common problems, workarounds, and how to get support. - [FAQs](../faqs/general.md) provide answers to frequently asked questions. diff --git a/desktop/kubernetes.md b/desktop/kubernetes.md index 4d2a4564f0..8e8f06a26b 100644 --- a/desktop/kubernetes.md +++ b/desktop/kubernetes.md @@ -1,7 +1,7 @@ --- description: See how you can deploy to Kubernetes on Docker Desktop keywords: deploy, kubernetes, kubectl, orchestration, Docker Desktop -title: Deploy on Kubernetes +title: Deploy on Kubernetes with Docker Desktop redirect_from: - /docker-for-windows/kubernetes/ - /docker-for-mac/kubernetes/ @@ -13,21 +13,21 @@ as well as Docker CLI integration that runs on your machine. The Kubernetes server runs locally within your Docker instance, is not configurable, and is a single-node cluster. It runs within a Docker container on your local system, and is only for local testing. -Enabling Kubernetes allows you to deploy -your workloads in parallel, on Kubernetes, Swarm, and as standalone containers. Enabling or disabling the Kubernetes server does not affect your other +Turning on Kubernetes allows you to deploy +your workloads in parallel, on Kubernetes, Swarm, and as standalone containers. Turning on or off the Kubernetes server does not affect your other workloads. -## Enable Kubernetes +## Turn on Kubernetes -To enable Kubernetes in Docker Desktop: +To turn on Kubernetes in Docker Desktop: 1. From the Docker Dashboard, select the **Settings**. 2. Select **Kubernetes** from the left sidebar. 3. Next to **Enable Kubernetes**, select the checkbox. -4. Select **Apply & Restart** to save the settings and then click **Install** to confirm. This instantiates images required to run the Kubernetes server as containers, and installs the `/usr/local/bin/kubectl` command on your machine. +4. Select **Apply & Restart** to save the settings and then select **Install** to confirm. This instantiates images required to run the Kubernetes server as containers, and installs the `/usr/local/bin/kubectl` command on your machine. By default, Kubernetes containers are hidden from commands like `docker ps`, because managing them manually is not supported. Most users do not need this option. To see these internal containers, select **Show system containers (advanced)**. -When Kubernetes is enabled and running, an additional status bar in the Dashboard footer and Docker menu displays. +When Kubernetes is turned on and running, an additional status bar in the Docker Dashboard footer and Docker menu displays. > Note > @@ -50,11 +50,12 @@ $ kubectl config get-contexts $ kubectl config use-context docker-desktop ``` ->Note +> **Tip** > > Run the `kubectl` command in a CMD or PowerShell terminal, otherwise `kubectl config get-contexts` may return an empty result. > ->If you are using a different terminal and this happens, you can try setting the `kubeconfig` environment variable to the location of the `.kube/config` file. +> If you are using a different terminal and this happens, you can try setting the `kubeconfig` environment variable to the location of the `.kube/config` file. +{: .tip} If you installed `kubectl` using Homebrew, or by some other method, and experience conflicts, remove `/usr/local/bin/kubectl`. @@ -71,9 +72,9 @@ docker-desktop Ready master 3h v1.19.7 For more information about `kubectl`, see the [`kubectl` documentation](https://kubernetes.io/docs/reference/kubectl/overview/){:target="_blank" rel="noopener" class="_"}. -## Disable Kubernetes +## Turn off Kubernetes -To disable Kubernetes in Docker Desktop: +To turn off Kubernetes in Docker Desktop: 1. From the Docker Dashboard, select the **Settings** icon. 2. Select **Kubernetes** from the left sidebar. 3. Next to **Enable Kubernetes**, clear the checkbox diff --git a/desktop/mac/permission-requirements.md b/desktop/mac/permission-requirements.md index e650ed755b..b531cc6171 100644 --- a/desktop/mac/permission-requirements.md +++ b/desktop/mac/permission-requirements.md @@ -1,7 +1,7 @@ --- description: Understand permission requirements for Docker Desktop for Mac and the differences between versions keywords: Docker Desktop, mac, security, install, permissions -title: Understand permission requirements for Mac +title: Understand permission requirements for Docker Desktop on Mac redirect_from: - /docker-for-mac/privileged-helper/ - /desktop/mac/privileged-helper/ @@ -15,11 +15,11 @@ It also provides clarity on running containers as `root` as opposed to having `r Docker Desktop for Mac is run as an unprivileged user. However, certain functionalities are required for Docker Desktop to perform a limited set of privileged configurations such as: - [Installing symlinks](#installing-symlinks) in`/usr/local/bin`. - - [Binding privileged ports](#binding-privileged-ports) that are less than 1024. The so-called "privileged ports" are not generally used as a security boundary, however OSes still prevent unprivileged processes from binding them which breaks commands like `docker run -p 127.0.0.1:80:80 docker/getting-started`. - - [Ensuring `localhost` and `kubernetes.docker.internal` are defined](#ensuring-localhost-and-kubernetesdockerinternal-are-defined) in `/etc/hosts`. Some old macOS installs do not have `localhost` in `/etc/hosts`, which causes Docker to fail. Defining the DNS name `kubernetes.docker.internal` allows Docker to share Kubernetes contexts with containers. + - [Binding privileged ports](#binding-privileged-ports) that are less than 1024. The so-called "privileged ports" are not generally used as a security boundary, however operating systems still prevent unprivileged processes from binding them which breaks commands like `docker run -p 127.0.0.1:80:80 docker/getting-started`. + - [Ensuring `localhost` and `kubernetes.docker.internal` are defined](#ensuring-localhost-and-kubernetesdockerinternal-are-defined) in `/etc/hosts`. Some old macOS installs don't have `localhost` in `/etc/hosts`, which causes Docker to fail. Defining the DNS name `kubernetes.docker.internal` allows Docker to share Kubernetes contexts with containers. - Securely caching the Registry Access Management policy which is read-only for the developer. -Depending on which version of Docker Desktop for Mac is used, privileged access is granted either during installation, first run, or only when it is needed. +Depending on which version of Docker Desktop for Mac is used, privileged access is granted either during installation, first run, or only when it's needed.